Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

RDMA/cxgb3: Fix stack info leak in iwch_create_cq()

The "uresp.reserved" field isn't initialized on this path so it could
leak uninitialized stack information to the user.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
Dan Carpenter 12 years ago
parent
3b2f64d00c
commit
246fcdbc9d
1 changed files with 1 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      drivers/infiniband/hw/cxgb3/iwch_provider.c

+ 1 - 0
drivers/infiniband/hw/cxgb3/iwch_provider.c
View File 

@@ -226,6 +226,7 @@ static struct ib_cq *iwch_create_cq(struct ib_device *ibdev, int entries, int ve
 
 			mm->len = PAGE_ALIGN(((1UL << uresp.size_log2) + 1) *
 
 					     sizeof(struct t3_cqe));
 
 			uresp.memsize = mm->len;
 
+			uresp.reserved = 0;
 
 			resplen = sizeof uresp;
 
 		}
 
 		if (ib_copy_to_udata(udata, &uresp, resplen)) {